Critical-risk tools in Portkey Admin
21 of the 150 tools in Portkey Admin are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
cancel_log_exportDestructiveCancel a pending or running log export job, unlike start_log_export which queues one or delete_integration which removes the source. This permanently stops that export, takes ef...
-
delete_api_keyDestructiveDelete an API key by UUID. This cannot be undone, revokes access immediately, and can break active sessions using the key. Returns success after revocation.
-
delete_collectionDestructiveDelete a prompt collection by ID. This cannot be undone; prompts stay in the workspace but lose their collection grouping, so reassign them first if organization matters.
-
delete_configDestructiveDelete a config by slug. This is permanent, removes all versions, and breaks anything still pointing at that slug; check list_config_versions first.
-
delete_guardrailDestructiveDelete a guardrail by id or slug. This is irreversible and removes the check from any configs that reference it, so review dependent configs first.
-
delete_integrationDestructiveDelete an integration by slug. This is irreversible and stops the org-level connection, which will break dependent virtual keys, providers, and workspace access.
-
delete_integration_modelDestructiveDelete a custom model from an integration. Built-in models should be disabled instead, because deletion only applies to custom entries. Returns success after the custom model is...
-
delete_mcp_integrationDestructiveDelete an MCP integration and all servers beneath it. This is irreversible, removes connected access immediately, and should only be used after confirming nothing depends on the...
-
delete_mcp_serverDestructiveDelete an MCP server instance. This is irreversible, removes connected users' access immediately, and should be used only after confirming no workflows depend on the server.
-
delete_promptDestructiveDelete a prompt and all its versions by id. This cannot be undone, immediately breaks callers using the slug, and should only be used after checking list_prompt_versions or conf...
-
delete_prompt_labelDestructiveDelete a prompt label by ID. This cannot be undone; versions carrying the label lose it, and any workflow resolving by that label will need a replacement.
-
delete_prompt_partialDestructiveDelete a prompt partial by ID. This cannot be undone, and prompts that reference it with {{> name}} will fail to render until you replace the reference.
-
delete_providerDestructiveDelete a workspace provider by slug. This is irreversible and will break prompts, configs, and virtual keys that reference it; use delete_integration for the org source instead....
-
delete_rate_limitDestructiveDelete a rate limit by id. This is permanent and removes throttling immediately; review dependent configs and virtual keys before deleting.
-
delete_usage_limitDestructiveDelete a usage limit by id. This is permanent, removes the budget immediately, and clears tracked usage state; check list_usage_limit_entities first if you need impact.
-
delete_userDestructiveDelete a user from the org by id. This is permanent, removes org and workspace memberships, revokes API keys, and ends active sessions; use delete_user_invite for pending invite...
-
delete_user_inviteDestructiveDelete a pending invite and revoke its invite link. This does not affect existing users; use delete_user for full user removal.
-
delete_virtual_keyDestructiveDelete a virtual key by slug. This is irreversible and will break prompts and configs that reference the slug, so confirm no active dependencies first. Returns success after rem...
-
delete_workspaceDestructiveDelete a workspace by id. This is permanent and removes the workspace, its members, configs, API keys, and resources.
-
remove_workspace_memberDestructiveRemove a user from a workspace and revoke workspace access. This does not delete the user from the organization; use delete_user for full removal.
-
reset_usage_limit_entityDestructiveReset tracked usage for one entity under a usage limit. This changes accumulated usage for that entity only; use list_usage_limit_entities to confirm the target first.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.